| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/basictypes.h" | 5 #include "base/basictypes.h" |
| 6 #include "base/bind.h" | 6 #include "base/bind.h" |
| 7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
| 8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/path_service.h" | 9 #include "base/path_service.h" |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| (...skipping 4311 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4322 params.is_post = false; | 4322 params.is_post = false; |
| 4323 params.post_id = -1; | 4323 params.post_id = -1; |
| 4324 test_rvh()->SendNavigateWithParams(¶ms); | 4324 test_rvh()->SendNavigateWithParams(¶ms); |
| 4325 | 4325 |
| 4326 // Now reload. replaceState overrides the POST, so we should not show a | 4326 // Now reload. replaceState overrides the POST, so we should not show a |
| 4327 // repost warning dialog. | 4327 // repost warning dialog. |
| 4328 controller_impl().Reload(true); | 4328 controller_impl().Reload(true); |
| 4329 EXPECT_EQ(0, delegate->repost_form_warning_count()); | 4329 EXPECT_EQ(0, delegate->repost_form_warning_count()); |
| 4330 } | 4330 } |
| 4331 | 4331 |
| 4332 // Test that the navigation controller preserves an entry when a |
| 4333 // "Blocking Page" is created. |
| 4334 TEST_F(NavigationControllerTest, BlockingPageEntry) { |
| 4335 const GURL url1("http://foo1"); |
| 4336 const GURL url2("http://foo2?x=<script>alert(0)</script>"); |
| 4337 const GURL url3("data:,"); |
| 4338 const GURL url4("http://foo4"); |
| 4339 |
| 4340 NavigationControllerImpl& controller = controller_impl(); |
| 4341 |
| 4342 // Set up the controller with initial history. |
| 4343 NavigateAndCommit(url1); |
| 4344 NavigateAndCommit(url2); |
| 4345 EXPECT_FALSE(controller.GetBlockedPageEntry()); |
| 4346 |
| 4347 // Pretend that XSS was detected by the renderer. |
| 4348 int32 page_id = controller.GetActiveEntry()->GetPageID(); |
| 4349 contents()->OnDidDetectXSS(page_id, url2, true); |
| 4350 EXPECT_TRUE(controller.GetBlockedPageEntry()); |
| 4351 EXPECT_EQ(url2, controller.GetBlockedPageEntry()->GetURL()); |
| 4352 |
| 4353 // Pretend that a "Blocking Page" replacement navigation followed. |
| 4354 FrameHostMsg_DidCommitProvisionalLoad_Params params; |
| 4355 params.page_id = page_id; |
| 4356 params.url = url3; |
| 4357 params.transition = PAGE_TRANSITION_LINK; |
| 4358 params.gesture = NavigationGestureUser; |
| 4359 params.page_state = PageState::CreateFromURL(params.url); |
| 4360 params.was_within_same_page = true; |
| 4361 params.is_post = false; |
| 4362 params.post_id = -1; |
| 4363 test_rvh()->SendNavigateWithParams(¶ms); |
| 4364 EXPECT_TRUE(controller.GetBlockedPageEntry()); |
| 4365 EXPECT_EQ(url2, controller.GetBlockedPageEntry()->GetURL()); |
| 4366 |
| 4367 // Check that further navigation clears the entry. |
| 4368 NavigateAndCommit(url4); |
| 4369 EXPECT_FALSE(controller.GetBlockedPageEntry()); |
| 4370 } |
| 4371 |
| 4332 } // namespace content | 4372 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 304313003:
Allow view-source of pages fully-blocked by Blink's XSS filter. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src